Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/68bzenQNN891TzsbCohLaoaKODM.roa
File: 68bzenQNN891TzsbCohLaoaKODM.roa (raw, json)
Hash identifier: xPDnIKOX0wv7E8foYeu5CM5P2pzfT6q1U/8kUOV6A7c=
Subject key identifier: EB:C6:F3:7A:74:0D:37:CF:75:4F:3B:1B:0A:88:4B:6A:86:8A:38:33
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 019425FD97FF7818B21222980C7507E880D9
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/68bzenQNN891TzsbCohLaoaKODM.roa
Signing time: Thu 02 Jan 2025 07:49:24 +0000
ROA not before: Thu 02 Jan 2025 07:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5391
IP address blocks: 31.216.192.0/19 maxlen: 19
31.217.0.0/17 maxlen: 17
31.217.0.0/19 maxlen: 19
31.217.32.0/19 maxlen: 19
31.217.64.0/19 maxlen: 19
31.217.96.0/19 maxlen: 19
46.188.128.0/17 maxlen: 17
46.188.128.0/19 maxlen: 19
46.188.160.0/19 maxlen: 19
46.188.192.0/19 maxlen: 19
46.188.224.0/19 maxlen: 19
78.0.0.0/16 maxlen: 16
78.1.0.0/16 maxlen: 16
78.2.0.0/16 maxlen: 16
78.3.0.0/16 maxlen: 16
83.131.0.0/16 maxlen: 16
83.131.0.0/18 maxlen: 18
83.131.8.0/24 maxlen: 24
87.252.128.0/19 maxlen: 24
89.172.0.0/16 maxlen: 16
93.136.0.0/16 maxlen: 16
93.137.0.0/16 maxlen: 18
93.138.0.0/16 maxlen: 16
93.139.0.0/16 maxlen: 16
93.140.0.0/16 maxlen: 16
93.141.0.0/16 maxlen: 16
93.142.0.0/16 maxlen: 16
93.143.0.0/16 maxlen: 16
93.159.64.0/19 maxlen: 19
178.160.0.0/17 maxlen: 17
188.125.0.0/20 maxlen: 20
194.152.192.0/18 maxlen: 18
194.152.198.0/24 maxlen: 24
195.29.0.0/16 maxlen: 18
2a00:c30::/29 maxlen: 29
2a00:c30::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:97:ff:78:18:b2:12:22:98:0c:75:07:e8:80:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Jan 2 07:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebc6f37a740d37cf754f3b1b0a884b6a868a3833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:56:a3:dd:87:8a:a7:72:85:8d:d1:78:55:8e:
d0:5e:2a:d9:3a:28:cb:00:27:e1:d9:41:c9:43:be:
6a:ff:2d:4a:82:c3:38:db:5f:f5:01:3c:14:3d:33:
e9:ac:61:5a:42:05:3b:33:ce:db:ac:30:a2:81:7b:
3f:1f:45:e0:c1:2e:3a:41:06:2e:0a:f1:bb:d1:4c:
e4:47:36:d2:58:47:7a:fb:07:b1:35:e5:b7:a6:ea:
a5:06:81:ad:71:f3:8a:ad:f9:56:c2:9c:d1:fa:72:
02:62:7d:89:0e:a7:23:7b:9f:8d:ad:e8:5f:e5:a8:
58:a1:61:f9:e5:31:87:0c:5f:2a:ad:58:c1:43:7a:
39:0f:a3:ba:7a:47:37:b7:38:85:36:60:38:27:a0:
34:6f:74:c1:d7:d9:79:80:f5:ba:ad:6e:5b:a7:e4:
8d:bd:fd:34:f5:44:af:ae:32:e4:3a:fa:19:a7:63:
e4:00:c0:85:40:49:5f:0a:6d:62:6c:51:bf:70:27:
84:c2:3e:af:8f:97:94:75:9e:0d:a0:8d:b6:6d:71:
0d:cd:e1:76:82:2e:55:c2:7a:2d:4d:8a:e1:9d:aa:
eb:aa:52:ad:05:58:62:22:ed:75:fe:b7:f1:6b:c6:
fe:92:14:c7:3f:2d:9d:90:46:d4:12:ab:57:b6:ec:
9f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C6:F3:7A:74:0D:37:CF:75:4F:3B:1B:0A:88:4B:6A:86:8A:38:33
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/68bzenQNN891TzsbCohLaoaKODM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.192.0/19
31.217.0.0/17
46.188.128.0/17
78.0.0.0/14
83.131.0.0/16
87.252.128.0/19
89.172.0.0/16
93.136.0.0/13
93.159.64.0/19
178.160.0.0/17
188.125.0.0/20
194.152.192.0/18
195.29.0.0/16
IPv6:
2a00:c30::/29
Signature Algorithm: sha256WithRSAEncryption
a0:e8:c8:57:2d:a3:ad:d1:8d:01:67:2e:cf:c0:8d:89:8f:2f:
58:e1:e1:0c:c4:e4:34:ee:c1:94:70:38:d4:38:cb:db:a6:c3:
85:f6:58:be:f2:46:15:f9:e4:fc:0e:44:d4:97:33:e9:7c:91:
fc:b2:3a:81:71:2a:ec:26:61:7a:f8:d0:13:ed:b5:9c:c9:8c:
08:41:4e:15:ff:ae:50:a3:f9:2b:78:c1:b5:35:a3:ba:da:20:
58:22:09:a7:7a:31:0d:19:6a:b4:86:97:a1:77:a6:b2:ea:a2:
d4:0a:94:4a:d2:d6:b7:a6:d4:25:94:83:de:82:1d:f8:3b:e2:
a1:40:58:07:1a:94:12:0c:44:ca:45:66:be:86:43:82:fc:1f:
a6:22:2a:b2:60:17:c0:52:2b:bd:11:cd:64:47:0e:65:4f:d4:
b7:6c:5c:f3:e0:df:b7:82:4d:6f:26:74:cb:52:28:55:8e:d7:
69:83:60:ad:25:ff:66:9c:84:c0:d7:99:c0:03:30:dd:1d:81:
93:81:20:18:cf:91:3e:ea:90:58:1b:cc:2f:10:e1:7c:28:37:
07:29:6f:3e:da:f5:8c:f1:bd:c4:ac:b6:f8:94:19:2b:e9:3b:
a7:8a:a7:f3:81:fa:e4:ee:78:9c:a7:41:12:17:b9:32:cb:40:
f6:6f:f3:99
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZQl/Zf/eBiyEiKYDHUH6IDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjUwMTAyMDc0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmM2ZjM3YTc0MGQzN2NmNzU0ZjNiMWIwYTg4NGI2YTg2OGEzODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVaj3YeKp3KFjdF4VY7QXirZOijL
ACfh2UHJQ75q/y1KgsM421/1ATwUPTPprGFaQgU7M87brDCigXs/H0XgwS46QQYu
CvG70UzkRzbSWEd6+wexNeW3puqlBoGtcfOKrflWwpzR+nICYn2JDqcje5+Nrehf
5ahYoWH55TGHDF8qrVjBQ3o5D6O6ekc3tziFNmA4J6A0b3TB19l5gPW6rW5bp+SN
vf009USvrjLkOvoZp2PkAMCFQElfCm1ibFG/cCeEwj6vj5eUdZ4NoI22bXENzeF2
gi5VwnotTYrhnarrqlKtBVhiIu11/rfxa8b+khTHPy2dkEbUEqtXtuyf/QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFOvG83p0DTfPdU87GwqIS2qGijgzMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEvNjhiemVuUU5OODkxVHpzYkNvaExhb2FLT0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQFH9jAAwQH
H9kAAwQHLryAAwMCTgADAwBTgwMEBVf8gAMDAFmsAwMDXYgDBAVdn0ADBAeyoAAD
BAS8fQADBAbCmMADAwDDHTANBAIAAjAHAwUDKgAMMDANBgkqhkiG9w0BAQsFAAOC
AQEAoOjIVy2jrdGNAWcuz8CNiY8vWOHhDMTkNO7BlHA41DjL26bDhfZYvvJGFfnk
/A5E1Jcz6XyR/LI6gXEq7CZhevjQE+21nMmMCEFOFf+uUKP5K3jBtTWjutogWCIJ
p3oxDRlqtIaXoXemsuqi1AqUStLWt6bUJZSD3oId+DvioUBYBxqUEgxEykVmvoZD
gvwfpiIqsmAXwFIrvRHNZEcOZU/Ut2xc8+Dft4JNbyZ0y1IoVY7XaYNgrSX/ZpyE
wNeZwAMw3R2Bk4EgGM+RPuqQWBvMLxDhfCg3BylvPtr1jPG9xKy2+JQZK+k7p4qn
84H65O54nKdBEhe5MstA9m/zmQ==
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:37:02 2025 by rpki-client on console.sobornost.net